Philips Patient Information Center iX (PIC iX) and Efficia CM Series Improper Input Validation
CVE-2021-43548

6.5MEDIUM

Key Information:

Vendor

Philips

Vendor
CVE Published:
27 December 2021

What is CVE-2021-43548?

Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.

Affected Version(s)

Patient Information Center iX (PIC iX) C.02

Patient Information Center iX (PIC iX) C.03

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks
.